SQL Injection Attacks and Defense

by Justin Clarke-Salt

Winner of the Best Book Bejtlich Read in 2009 award! "SQL injection is probably the number one problem for any server-side application, and this book is unequaled in its coverage." Richard Bejtlich, SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information to turn to for help. This is the only book devoted exclusively to this long-established but recently growing threat. It includes all the currently known information about these attacks and significant insight from its contributing team of SQL injection experts.

Genres: Technology, Nonfiction, Programming, Science, Computer Science, Computers, Hackers

474 pages, Paperback

First published January 1, 2009

Reviews

[Constantin Minov · Rating 4 out of 5]

There are a lot of code injection techniques used to attack applications which use a database as a back-end by inserting malicious SQL statements.These types of injection attacks are first on the list of the top 10 web vulnerabilities.A successful exploitation grants an attacker unauthorized access to all data within a database through a web application, a full system control and the opportunity to use it as a launchpad for attacking others.Many compromised computers are used in cyber attacks and are being controlled by someone , in every region of the world.This book is about how to identify vulnerabilities and prevent SQL injection attacks,by knowing how things work can help preventing confidential data disclosure and being compromised repeatedly, it also explains in depth how SQL statements can be manipulated and how malicious code are injected.

[Niels · Rating 5 out of 5]

Amazing. I am afraid that I will have to reread parts of this book again and again. Also I will keep it near just-in-case.

[Brian Salehi · Rating 4 out of 5]

What a great book to learn SQL security concepts. Totally recommend it.